Announcement

Collapse
No announcement yet.

Missing SYSVOL after dcpromo

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Missing SYSVOL after dcpromo

    Hi
    one of my DC started having problems with the disks so I properly disjoined it from the domain and after the disks replaced I joined this machine back to domain but I noticed its not replicating the SYSVOL from the main DC. Now I have gone though numerous articles regarding this issue on Microsoft site but I couldnt get the issue resolved.

    Now all I have is a single working DC(server1) which is fine but the problematic DC(server3) is not replicating at all. I suspected a RPC issue but if I use ntdsutil to connect to the problematic DC(server3) from the working DC(server1) its connecting fine as per one of the article if you have a RPC issue ntdsutil will be showing errors. (or correct me if I am wrong)

    the ntdsutil shows

    server connections: connect to server server3
    Binding to server3 ...
    Connected to server3 using credentials of locally logged on user


    From server1 if I issue repadmin /showreps command it shows
    Default-First-Site-Name\SERVER1
    DSA Options : IS_GC
    objectGuid : 18432d1f-ee6e-4bf3-ad99-d7cc9518797b
    invocationID: ca5f1bbd-0c54-4329-9e6e-3554fa9bee5c

    ==== INBOUND NEIGHBORS ======================================

    CN=Schema,CN=Configuration,DC=<mydomain>,DC=com
    Default-First-Site-Name\SERVER3 via RPC
    objectGuid: 1d77e5fb-f579-49fa-9b73-b66ede242c40
    Last attempt @ 2006-10-19 09:50.12 was successful.

    CN=Configuration,DC=<mydomain>,DC=com
    Default-First-Site-Name\SERVER3 via RPC
    objectGuid: 1d77e5fb-f579-49fa-9b73-b66ede242c40
    Last attempt @ 2006-10-19 09:50.11 was successful.

    DC=<mydomain>,DC=com
    Default-First-Site-Name\SERVER3 via RPC
    objectGuid: 1d77e5fb-f579-49fa-9b73-b66ede242c40
    Last attempt @ 2006-10-19 09:57.40 was successful.

    ==== OUTBOUND NEIGHBORS FOR CHANGE NOTIFICATIONS ============

    CN=Schema,CN=Configuration,DC=<mydomain>,DC=com
    Default-First-Site-Name\SERVER3 via RPC
    objectGuid: 1d77e5fb-f579-49fa-9b73-b66ede242c40

    CN=Configuration,DC=<mydomain>,DC=com
    Default-First-Site-Name\SERVER3 via RPC
    objectGuid: 1d77e5fb-f579-49fa-9b73-b66ede242c40

    DC=<mydomain>,DC=com
    Default-First-Site-Name\SERVER3 via RPC
    objectGuid: 1d77e5fb-f579-49fa-9b73-b66ede242c40


    Also when I give dcdiag /a /v from the working DC(server1) the result shows errors in replication

    Testing server: Default-First-Site-Name\SERVER3
    Starting test: Replications
    * Replications Check
    [Replications Check,SERVER3] A recent replication attempt failed:
    From SERVER1 to SERVER3
    Naming Context: DC=<mydomain>,DC=com
    The replication generated an error (8442):
    The replication system encountered an internal error.
    The failure occurred at 2006-10-19 10:09.19.
    The last success occurred at (never).
    1259 failures have occurred since the last success.
    A serious error is preventing replication from continuing.
    Consult the error log for further information.
    If a particular object is named, it may be necessary to manually
    modify or delete the object.
    If the condition persists, contact Microsoft Support.
    REPLICATION LATENCY WARNING
    SERVER3: A full synchronization is in progress
    from SERVER1 to SERVER3
    Replication of new changes along this path will be delayed.
    The full sync is 0.00% complete.
    ......................... SERVER3 passed test Replications
    Test omitted by user request: Topology
    Test omitted by user request: CutoffServers
    Starting test: NCSecDesc
    * Security Permissions Check for
    CN=Schema,CN=Configuration,DC=<mydomain>,DC=com
    * Security Permissions Check for
    CN=Configuration,DC=<mydomain>,DC=com
    * Security Permissions Check for
    DC=<mydomain>,DC=com
    ......................... SERVER3 passed test NCSecDesc
    Starting test: NetLogons
    * Network Logons Privileges Check
    ......................... SERVER3 passed test NetLogons
    Starting test: Advertising
    Warning: the directory service on SERVER3 has not completed initial syn
    chronization.
    Other services will be delayed.
    Verify that the server can replicate.
    Warning: DsGetDcName returned information for \\server1.<mydomain>.com
    , when we were trying to reach SERVER3.
    Server is not responding or is not considered suitable.
    The DC SERVER3 is advertising itself as a DC and having a DS.
    The DC SERVER3 is advertising as an LDAP server
    The DC SERVER3 is advertising as having a writeable directory
    The DC SERVER3 is advertising as a Key Distribution Center
    The DC SERVER3 is advertising as a time server
    ......................... SERVER3 failed test Advertising


    forgot to mention its a Win2k domain with 2 DCs running on SP4, tried to demote and promote the problematic DC but no luck

    Now I am stuck and any help will be greatly appreciated
    Thanx in advance
    Dotfish
    Last edited by dotfish; 19th October 2006, 06:00.

  • #2
    Re: Missing SYSVOL after dcpromo

    Did you actually join the machine back to the domain or did you DCPROMO the server to make it a DC??

    Comment


    • #3
      Re: Missing SYSVOL after dcpromo

      Originally posted by wullieb1
      Did you actually join the machine back to the domain or did you DCPROMO the server to make it a DC??
      I did a dcpromo after the disks got replaced and windows got reinstalled fresh

      Comment


      • #4
        Re: Missing SYSVOL after dcpromo

        Originally posted by dotfish
        I did a dcpromo after the disks got replaced and windows got reinstalled fresh
        Did you use the same name as you previously used for the server?


        Tom
        For my own and your protection, I do not provide support by private message under any circumstances. All such messages will be deleted and ignored.

        Anything you say will be misquoted and used against you

        Comment


        • #5
          Re: Missing SYSVOL after dcpromo

          Start with the basics.
          - is DC3 using DC1 for DNS, so that it can find all records?
          - are DC3 and DC1 in time sync (within 5 minutes)
          - is DC3 showing other errors in the directory log or system log?
          - browse through the dcpromo logs at c:\windows\debug.

          Comment


          • #6
            Re: Missing SYSVOL after dcpromo

            Originally posted by Stonelaughter View Post
            Did you use the same name as you previously used for the server?
            Yeah I did use the same name of the previous server once I reinstalled Windows.

            Comment


            • #7
              Re: Missing SYSVOL after dcpromo

              Originally posted by wkasdo View Post
              Start with the basics.
              - is DC3 using DC1 for DNS, so that it can find all records?
              - are DC3 and DC1 in time sync (within 5 minutes)
              - is DC3 showing other errors in the directory log or system log?
              - browse through the dcpromo logs at c:\windows\debug.
              Hi wkasdo

              - Yes DC3 is using DC1 for the DNS and no issues with ping or PTR records as I verified it

              - Yes both are in same time sync

              - Regarding errors in log I do have errors and they are as follows

              Netlogon event with event no 5774
              Registration of the DNS record '1d77e5fb-f579-49fa-9b73-b66ede242c40._msdcs.<mydomain>.com. 600 IN CNAME server3.<mydomain>.com' failed with the following error:
              DNS RR set that ought to exist, does not exist.

              Also for every 30 minute I have NTDS Replication Event with event No 1557
              This DRA has never completed a full synchronization of partition DC=<mydomain>,DC=com. It will not be advertised as an available directory until this condition is met.

              This server was recently installed from a source server. Please verify that that source server is still available to finish providing data to this system.

              The synchronization will be retried.
              As per what you suggested I was going though the logs in debug folder of the problematic dc I found something interesting in ntfrs log which says

              <FrsDsFindComputer: 1472: 8717: S2: 09:09:02> S: Computer FQDN is cn=server3,ou=domain controllers,dc=<mydomain>,dc=com
              <FrsDsFindComputer: 1472: 8723: S2: 09:09:02> S: Computer's dns name is server3.<mydomain>.com
              <FrsDsFindComputer: 1472: 8737: S2: 09:09:02> S: Settings reference is cn=ntds settings,cn=server3,cn=servers,cn=default-first-site-name,cn=sites,cn=configuration,dc=<mydomain>,dc=co m
              <FrsDsGetSubscriptions: 1472: 8357: S0: 09:09:02> S: No NTFRSSubscriptions object found under cn=server3,ou=domain controllers,dc=<mydomain>,dc=com!.
              <FrsDsEnumerateSysVolKeys: 1472: 9524: S0: 09:09:02> S: ERROR - Can't create old member SERVER3: Ldap Status: No Such Object
              <FrsDsFindComputer: 1472: 8717: S2: 09:14:02> S: Computer FQDN is cn=server3,ou=domain controllers,dc=<mydomain>,dc=com
              <FrsDsFindComputer: 1472: 8723: S2: 09:14:02> S: Computer's dns name is server3.<mydomain>.com
              <FrsDsFindComputer: 1472: 8737: S2: 09:14:02> S: Settings reference is cn=ntds settings,cn=server3,cn=servers,cn=default-first-site-name,cn=sites,cn=configuration,dc=<mydomain>,dc=co m
              <FrsDsGetSubscriptions: 1472: 8357: S0: 09:14:02> S: No NTFRSSubscriptions object found under cn=server3,ou=domain controllers,dc=<mydomain>,dc=com!.
              <FrsDsEnumerateSysVolKeys: 1472: 9524: S0: 09:14:02> DS: ERROR - Can't create old member SERVER3: Ldap Status: No Such Object


              Hope they might be some use & I am still looking for a clue

              Thanx a lot
              Last edited by dotfish; 23rd October 2006, 05:21. Reason: Some more info to be added

              Comment


              • #8
                Re: Missing SYSVOL after dcpromo

                Originally posted by dotfish View Post
                Yeah I did use the same name of the previous server once I reinstalled Windows.
                I believe this could be your problem. I would remove the server3 entries from the domain in ad users and computers, reinstall windows on the "server3" box, and call it "server4"... THEN dcpromo it. For some reason AD simply HATES you using again the name of a DC which was previously removed from the directory...


                Tom
                For my own and your protection, I do not provide support by private message under any circumstances. All such messages will be deleted and ignored.

                Anything you say will be misquoted and used against you

                Comment


                • #9
                  Re: Missing SYSVOL after dcpromo

                  Originally posted by Stonelaughter View Post
                  I believe this could be your problem. I would remove the server3 entries from the domain in ad users and computers, reinstall windows on the "server3" box, and call it "server4"... THEN dcpromo it. For some reason AD simply HATES you using again the name of a DC which was previously removed from the directory...
                  Ok I have checked this and ruled out that option as I installed Windows on another box with a different name and a different IP but same issue is happening in that box too, SYSVOL simply doesnt replicate and if U try to replicate it gives an internal error

                  But thanx for suggestion

                  Comment


                  • #10
                    Re: Missing SYSVOL after dcpromo

                    Now you need to start using replmon and monitor replication.

                    Comment


                    • #11
                      Re: Missing SYSVOL after dcpromo

                      Originally posted by wullieb1 View Post
                      Now you need to start using replmon and monitor replication.
                      Sorry for the late reply,
                      I did follow your suggestions and I have found few interesting things

                      1. On replmon under the problematic DC( server3) I got 3 schema sections
                      2 of them are
                      CN=Schema,CN=Configuration,DC=<mydomain>,DC=com
                      CN=Configuration,DC=<mydomain>,DC=com
                      They are replicated without any issues I think as i could expand them
                      But the last one "DC=<mydomain>,DC=com" couldnt be expanded at all and I think this section is not getting replicated.
                      And All these 3 sections are fine and expandable under working DC(Server1) in replmon

                      Here is what the repadmin/showreps says in server3

                      CN=Schema,CN=Configuration,DC=<mydomain>,DC=com
                      Default-First-Site-Name\SERVER1 via RPC
                      objectGuid: 18432d1f-ee6e-4bf3-ad99-d7cc9518797b
                      Last attempt @ 2006-10-27 12:24.14 was successful.

                      CN=Configuration,DC=<mydomain>,DC=com
                      Default-First-Site-Name\SERVER1 via RPC
                      objectGuid: 18432d1f-ee6e-4bf3-ad99-d7cc9518797b
                      Last attempt @ 2006-10-27 12:30.31 was successful.

                      DC=<mydomain>,DC=com
                      Default-First-Site-Name\SERVER1 via RPC
                      objectGuid: 18432d1f-ee6e-4bf3-ad99-d7cc9518797b
                      Last attempt @ 2006-10-27 12:32.33 failed, result 8442:
                      The replication system encountered an internal error.
                      Last success @ (never).
                      6699 consecutive failure(s).

                      Comment

                      Working...
                      X